SOC Analyst - L3

Key Responsibilities:

• Incident Detection & Response:

• Monitor security alerts and events through

  SIEM

  tools to identify potential threats.
• Investigate security incidents and respond in a timely and effective manner.
• Leverage

  EDR (Endpoint Detection and Response)

  solutions for threat detection and incident analysis.

• Threat Analysis & Mitigation:

• Conduct thorough

  threat and malware analysis

  to identify and mitigate risks.
• Work closely with internal teams to investigate malware, viruses, and ransomware threats.
• Use

  CrowdStrike

  ,

  Defender

  , and other endpoint security tools to prevent attacks.

• Email Security Management:

• Monitor and manage

  email security

  systems to prevent phishing, spam, and other malicious email threats.
• Respond to suspicious email alerts and work with other teams to resolve them.

• Continuous Monitoring & Alerting:

• Actively monitor systems, networks, and applications for any signs of suspicious activities.
• Utilize

  Endpoint Security

  solutions to continuously track and protect endpoints across the network.

• Collaboration & Reporting:

• Work closely with the IT and security teams to assess, analyze, and resolve security incidents.
• Maintain detailed documentation of incidents, findings, and responses for future reference.
• Regularly report on the status of ongoing security incidents and trends to senior management.

• Research & Knowledge Enhancement:

• Stay updated with the latest security threats, vulnerabilities, and trends.
• Participate in security training and development to improve skills in

  SIEM

  ,

  EDR

  , and other security tools.

Required Skills and Qualifications:

• Bachelors degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent work experience.
• Strong experience with

  SIEM

  (e.g., Splunk, QRadar, ArcSight).
• Proficient in

  EDR

  and

  Endpoint Security

  tools (e.g., CrowdStrike, Microsoft Defender).
• Hands-on experience in

  threat and malware analysis

  .
• Familiarity with

  email security

  systems (e.g., Proofpoint, Mimecast).
• Strong understanding of network protocols, firewalls, and intrusion detection/prevention systems.
• Knowledge of security frameworks and industry standards (e.g., MITRE ATT&CK, NIST).
• Excellent analytical and problem-solving skills.

Preferred Qualifications:

• Security certifications like

  CompTIA Security+

  ,

  CISSP

  ,

  CEH

  , or

  GIAC

  are a plus.
• Experience with incident response and forensic investigation.
• Familiarity with cloud security in AWS, Azure, or Google Cloud.